A new global study by Cohesity, a leader in AI-powered data security and resilience, shows that despite widespread adoption of cyber resilience strategies in India, about 50% of organisations have gaps that need addressing.
The ‘Risk-Ready or Risk-Exposed: The Cyber Resilience Divide’ report, which was polled from 3,200 IT and security decision-makers in eleven countries, reveals the reality of the resilience divide – highlighting that while cyber threats are escalating in both volume and complexity, many organisations remain ill-equipped to respond effectively. This disconnect is leading to measurable business impact—financially, operationally, and reputationally—amid misplaced confidence in their cyber resilience.
According to respondents, companies’ cyber resilience strategies are under mounting pressure amid a worsening threat environment. 61% of Indian respondents confirmed their organisation had experienced a cyberattack with material impact in the past 12 months. Results indicate that data recovery remains a significant challenge in India, almost all (99%) of Indian respondents said it takes their organisations more than 24 hours to restore data from backups after a cyberattack, with 12% needing at least a week.
Ransom Payments Persist with Cybercriminals Cashing In
The business impact is undeniable. Over eight in ten Indian organisations (83%) paid a ransom after a cyberattack in the past year, while 32% have paid ransom(s) of US$1,000,000/ Rs. 8,87,00,000 or higher.This underscores that resilience gaps directly translate into financial and reputational damage.
Resilience as Competitive Advantage
True resilience depends on the practices and capabilities that back them up. However, when assessed against real-world performance criteria, only 10% of organisations in India demonstrate maturity across five essential areas: data protection, data recovery, threat detection and investigation, application resilience, and data risk optimisation.
“Cyber resilience is critical. While many organisations express strong confidence in their cyber resilience strategies and capabilities, the reality tells a different story — most have paid or would pay a ransom, suggesting that many overestimate their true level of resilience. The vast majority remain unprepared for what happens after the breach. Confidence runs high, but reality lags — most organisations have paid or would pay a ransom, and many are still unprepared for the aftermath of a breach,” said Mayank Mishra, regional director, sales, India & SAARC, Cohesity.
The Key Hurdles Teams Faced
Amongst the top challenges experienced during a cyberattack was the inability to communicate or coordinate internally when critical systems — such as email, collaboration tools, and ticketing platforms — were down. This was on par with challenges where security tools were evaded and backups were targeted. Both were cited by 49% of respondents in India. 47% stated that there was pressure from leadership to restore systems before the attack was remediated.
Two-thirds (66%) of Indian organisations admitted to gaps in cross-functional coordination — particularly between IT, security, legal, and business operations — during a cyberattack.
GenAI Adoption Accelerates Beyond Risk Tolerance
The study additionally highlights a parallel challenge. As enterprises integrate new forms of AI into daily operations, many IT functions are struggling with the speed and scale of GenAI adoption. Eighty-five percent of Indian IT and security leaders said GenAI is advancing faster than their organisations can safely manage risks. Yet most also recognise its transformative potential to improve detection, response, and recovery.
“In India, the importance of cyber resilience cannot be overstated,” said Mayank. “Organisations can no longer rely on traditional disaster recovery approaches alone. The evolving threat landscape calls for a proactive strategy that focuses on resilience across five key areas: data protection, data recovery, threat detection and investigation, application resilience, and data risk posture optimisation. Equally important is the adoption of automated response and recovery solutions, which help minimise downtime, limit operational and financial impact, and enable businesses to bounce back swiftly and confidently when cyberattacks occur.”
See Cohesity’s five-step action plan for practical steps to strengthen cyber resilience.
